Social Share Icons & Social Share Buttons
Approved changes feed: RSS · Atom
cpe:2.3:a:inisev:social_share_icons_&_social_share_buttons:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Inisev (f56a1d9c-c546-5c00-839e-72dda3ed8869) |
|---|---|
| Product | Social Share Icons & Social Share Buttons (11fb099b-339a-5ce3-8f8f-e4f0f996015e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-3977 |
vulnerable | 2026-06-08 06:09:40.944671 |
Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function
MEDIUM (4.3)
Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for unauthenticated attackers to install plugins from the limited list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2023-07-28T04:37:03.018Z
Updated: 2026-04-08T17:14:37.640Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38514 |
vulnerable | 2026-06-08 06:08:18.140528 |
WordPress Social Share Icons & Social Share Buttons plugin <= 3.5.7 - Broken Access Control vulnerability
MEDIUM (4.3)
Missing Authorization vulnerability in social share pro Social Share Icons & Social Share Buttons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Share Icons & Social Share Buttons: from n/a through 3.5.7.
Published: 2024-12-13T14:23:57.758Z
Updated: 2026-04-28T16:08:34.275Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-0958 |
vulnerable | 2026-06-08 05:52:33.524756 |
Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function
MEDIUM (4.3)
Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for authenticated attackers with minimal permissions, such as subscribers, to install select plugins from Inisev on vulnerable sites. CVE-2023-38514 appears to be a duplicate of this vulnerability.
Published: 2023-07-28T04:37:03.650Z
Updated: 2026-04-08T17:24:39.864Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.